Access Manager

NetIQ Access Manager can support custom Geo location providers to in order to determine the risk score. Risk Based Authentication with NAM 4.1 will consume this custom provider implementation to read geolocation of user from where user is accessing the system.

By: cstumula
May 12, 2015
2:27 pm
Reads:
142
Score:
Unrated

Salesforce allows you to use any third party web application that implements the server side of the OpenID Connect protocol. This allows you to use authentication providers like NetIQ Access Manager.

By: cstumula
May 11, 2015
4:00 pm
Reads:
114
Score:
Unrated

You are writing a mobile or web application to access Amazon Web Services like Cognito Synchronized Storage, S3, Amazon DynoDB etc. Also, you need to handle Identities of your application and store the application state or access services unique per Identity in the Amazon Web Service. In this case, you want to delegate handling of Identities or don’t want to provide custom login code and delegate authentication mechanism to NetIQ Access Manager…

May 7, 2015
10:18 am
Reads:
221
Score:
Unrated

This article shows how to write a sample mobile application utilizing Oauth2.0 Implicit Grant to get an access token and ID token. Also, this shows how to get a user’s claim information using UserInfo endpoint of OpenId Connect Core 1.0 protocol. Dependencies This solution uses the following libraries…

May 6, 2015
10:54 am
Reads:
199
Score:
Unrated

Google Chrome book is gaining popularity especially among education institutes for various reasons. Some are, Google offers subscription at discounted cost for educational institutes. Google Admin Console Device management is simple and easy to control devices. Google provides number of services includes Mail, Google Drive, Calendar, Messenger, etc., as complete suite of services for an Organization. Redistribution of Chromebook is easy with powerwash, this deletes all data and reinstate the device as new.

By: cstumula
Apr 24, 2015
4:48 pm
Reads:
209
Score:
Unrated

In the previous article, I have explained the Botnets and free sites which offer a list of infected sites. Repeated here for readability “There are number of publicly available lists of known IP Addresses that are currently compromised. Various sites offer these lists for free. These hosts are running crimeware with Botnets. The…

Apr 21, 2015
12:01 pm
Reads:
663
Score:
Unrated

Introduction   There are some requirements for enterprises such as policy restriction of client location to access Office 365 services. For example STS token has to be sent only for activesync client. Or allow only internal client IPAddress. Solution   Office 365 sends information about application name, client IP, useragent, proxy information to STS as…

+ read more

By: cstumula
Apr 20, 2015
1:59 pm
Reads:
278
Score:
Unrated

Provide a know list of IP address from a simple text file. The file can be hand crafted. Or, can be downloaded from known set of vulnerable IP addresses. Configuring them in Administration Console is tedious. Use this tool to update a text file and see this is effected in “Risk Based Authentication” of NetIQ Access Manager

Apr 16, 2015
10:57 am
Reads:
601
Score:
Unrated

Previously I had posted a script for port redirection on the Identity Server. I’ve since found this doesn’t work too well when the local SLES firewall is enabled. The following is a better solution. First, create a Firewall Service file that contains the necessary ports to open (this assumes the Administration Console and Identity Server…

+ read more

ScorpionSting
Apr 14, 2015
1:09 pm
Reads:
293
Score:
5